Hi, I would like to know if I can always pass the export password of the .p12 client certificate to openssl without worrying about the pass phrase that needs to be set on generating the .p12 file. I looked function
int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca) It seems that it always calls PKCS12_verify_mac() whether pass is NULL or "" or the export password. Does that mean the pass phrase is really insignificant for openssl? One evidence is Android, where only the export password will need to be entered during the certificate install. Thanks, Yichun
